[182522] in North American Network Operators' Group
Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last
daemon@ATHENA.MIT.EDU (Colin Johnston)
Mon Jul 20 15:50:31 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <55AD4E99.5020605@kenweb.org>
From: Colin Johnston <colinj@gt86car.org.uk>
Date: Mon, 20 Jul 2015 20:50:21 +0100
To: ML <ml@kenweb.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
new idea to free up network ranges for arin and ripe
give a class c to china firewall, then put all the existing china ranges bac=
k in allocation pool and reallocate to new customers.
anounce these new ranges with a higher pref than china ranges and then watch=
china start to cooperate at the nic level and abuse level
colin
Sent from my iPhone
> On 20 Jul 2015, at 20:40, ML <ml@kenweb.org> wrote:
>=20
>> On 7/20/2015 2:57 PM, Valdis.Kletnieks@vt.edu wrote:
>> On Mon, 20 Jul 2015 19:42:39 +0100, Colin Johnston said:
>>> see below for china ranges I believe, ipv4 and ipv6
>> You may believe... but are you *sure*? (Over the years, we've seen
>> *lots* of "block China" lists that accidentally block chunks allocated
>> to Taiwan or Australia or other Pacific Rim destinations).
>=20
> If you really wanted to go the route of blocking all/almost all China. Is=
n't there a short list of ASNs that provide transit to China citizens/networ=
ks?
> I'm referring to AS4134, AS4837, etc
> Wouldn't blackholing any prefix with those ASNs in the AS path accomplish t=
he goal and stay up to date with a new prefixes originated from China?
>=20
